Ubuntuforums.org, the home of a variety of support forums dedicated to users of this popular Linux distribution, has been hacked over the weekend and defaced to show an image of a penguin toting a rifle, apparently the "logo" of the hacker who's responsible for the breach.

Unfortunately, that was not the whole extent of the damage, as Canonical - the UK company that develops the distro - has confirmed that the username, password, and email address of all the registered forum users have been compromised.

"The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP," they warned, adding that Ubuntu One, Launchpad and other Ubuntu/Canonical services are not affected by the breach.

According to the numbers provided by the Internet Archive Wayback Machine, the forum has a little over 1,8 million members, 19,493 of which are active.

In a move that can only be praised, Canonical has shared all the aforementioned information about the breach and the advice for changing passwords with the users via email almost immediately after the compromise was detected.

Ubuntu CEO Jane Silber has shared with Dan Goodin that the company uses MD5 algorithm to encrypt the passwords and a per-user cryptographic salt, which is not the greatest solution, so changing the currently used password - on the forum or anywhere else it is used - should be a must for all users as soon as the forums are back online.

The hacker who executed the attack has not explained the reason for the attack, but it's likely he (she?) did it to harvest user information that can be used for spamming, account hijacking, spear phishing emails, and more.

Spotlight

Microsoft Edge, the new browser in Windows 10, represents a significant increase in the security over Internet Explorer. However, there are also new potential threat vectors that arenít present in older versions.

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Sun Tzu's writings have been studied throughout the ages by professional militaries and can used to not only answer the question of whether or not we are in a cyberwar, but how one can fight a cyber-battle.

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.